CentOS Update for kernel CESA-2009:0001-01 centos2 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1168-1)

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...

Ubuntu Update for linux-ec2 USN-1161-1

Ubuntu Update for Linux kernel vulnerabilities USN-1161-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11611.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ec2 USN-1161-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Th...

USN-1167-1: Linux kernel vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...

USN-1161-1: Linux kernel vulnerabilities (EC2)

Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. CVE-2010-3881 Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By...

USN-1164-1: Linux kernel vulnerabilities (i.MX51)

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...

Design/Logic Flaw

net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

Design/Logic Flaw

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace

net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace

net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

PT-2011-2917 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue allows local users to obtain potentially sensitive information from kernel memory. This is achieved by leveraging the CAP NET ADMIN capability to issue a crafted request, and then...

kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace

net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

FreeBSD sendfile() information leak

If file size it changed content of kernel memory can be disclosured...

IPComp encapsulation nested payload vulnerability

Overview Some IPComp implementations may contain a kernel memory corruption vulnerability in their handling of nested encapsulation of IPComp payloads. Description RFC 3173 defines the IP Payload Compression Protocol IPComp as:IP payload compression is a protocol to reduce the size of IP datagram...

kernel: CAN info leak

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1)

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Jacobson discovered that ThinkPad video output was not correctly...

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1072-1)

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dave Chinner discovered that the XFS filesystem did not correctly order...

USN-1074-2: Linux kernel vulnerabilities

Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...